The keytool is special utility provided by the Java to work with Certificates and security stuff. Here in this we will let you know the each option that is useful to create java key store, sign the keystore and

Step 1 Set the WebLogic environment variables available with the PATH, CLASSPATH etc., by issuing C:\bea\weblogic91\server\bin\setWLSEnv.cmd

On UNIX environments, The profile will be set to work, otherwise you can make sure by running setWLSEnv.sh script from $WL_HOME/server/bin path.

Step 2 Create a dedicated folder (SSLCert- anywhere) to store all Certificate stuff in it. Here we made a folder name as ‘cert’ under c:\cert

Step 3 Generating a “sample.jks” file with java keytool command.

keytool -genkey -alias one -keyalg RSA -keystore sample.jks

Note : Please don’t give space while entering your first name and last name as inputs you can enter as sample shown.

Step 4 Creating a certificate request using keytool with the following command

Better choice to experiment with trail certificates on test environments. Please don’t use this scenario for production environment. Easy ways to get a kick start at Google and type SSL Certificate and open VeriSign website. Click on “Free 30 day SSL Trial”

Click on VeriSign @ SSL Test Certificate

Step 5

Your browser's padlock icon will be displayed in the locked position if your certificate is installed correctly and the server is properly configured for SSL.

Now you need to enter the data

Open C:\cert\certreq.csr file and copy the content as specified in the below screen and submit the certreq.csr

Click on Submit

You will get the Mail to your mail box as shown below

VeriSign will send you the Certificate file to your email that you enter while registering. There are two important certificate links

1. Root CA certificate

2. Intermediate CA certificate

Click on each link as shown in the lower side of email message that is for download.

Download the Root CA

Click the link

Click on select all button and copy in to one text file in C:\bea\SSLCert and named it as CA.pem Go to second link which is given in the email. Do the same for intermediate CA certificate as well.

Copy the content and saved as public.pem

Total 3 files

Step 6: To understand these .pem files to Keytool, We need to follow below steps